there's more info on this in the reference manual, than the FAQ. http://www.modssl.org/docs/2.8/ssl_reference.html#ToC4
Basically try changing the 'startup' one to use a file:/path/to/file/with/junk/in/it that points at a file with something random enough in it - I'm not mr crypto, but, by random I take it that something an outside party cant guess ought to be enough, and you need to experiment with file lengths a bit to find what works enough - some people advocate using the syslog output. Of course if you're just hacking around and you dont care that the NSA or the Home Office might be able to decrypt your ssl streams, then why stress out about it? the 'connect' one however should get by using the builtin or see if you can get egd working - this one does affect performance, so avoid using the exec: option because spawning processes is not cheap on resources. [EMAIL PROTECTED] wrote: >Hi all - > >This seems to be a commonly reported problem, but for all the archives >and FAQs I've read, I am no further forward. Here is the situation: > >Apache 1.3.26, openSSL 0.9.6g, mod_ssl 2.8.10-1.3.26, Compaq Tru64 UNIX >4.0F. > >On starting Apache, it immediately exits and logs the following in the >error log file: > >[Tue Aug 20 15:50:13 2002] [error] mod_ssl: Init: Failed to generate >temporary 512 bit RSA private key (OpenSSL library error follows) >[Tue Aug 20 15:50:13 2002] [error] OpenSSL: error:24064064:random number >generator:SSLEAY_RAND_BYTES:PRNG not seeded >[Tue Aug 20 15:50:13 2002] [error] OpenSSL: error:04069003:rsa >routines:RSA_generate_key:BN lib > >The FAQ refers to the SSLRandomSeed directive; this is set in the >httpd.conf file as > >SSLRandomSeed startup builtin >SSLRandomSeed connect builtin > >(As I'm running on Tru64 I don't have the option of using /dev/random) > >It also refers to problems at the "make certificate" stage; that seems >to have gone through without any problems. > >I've also read that there are problems with PHP, so I have removed all >reference in the httpd.conf file to the dynamic PHP module, and for good >measure the dynamic Apache Jserv module, so these are not loading. Still >no diference. > >Can anyone offer me some more pointers? > >Thanks > >Richard > >-- > >Richard Rogers >IT Services, Staffordshire University >______________________________________________________________________ >Apache Interface to OpenSSL (mod_ssl) www.modssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] > > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
